public function create_identity($p)
{
$rcmail = rcmail::get_instance();
// prefs are set in create_user()
if ($this->prefs) {
if ($this->prefs['full_name']) {
$p['record']['name'] = $this->prefs['full_name'];
}
if (($this->identities_level == 0 || $this->identities_level == 2) && $this->prefs['email_address']) {
$p['record']['email'] = $this->prefs['email_address'];
}
if ($this->prefs['___signature___']) {
$p['record']['signature'] = $this->prefs['___signature___'];
}
if ($this->prefs['reply_to']) {
$p['record']['reply-to'] = $this->prefs['reply_to'];
}
if (($this->identities_level == 0 || $this->identities_level == 1) && isset($this->prefs['identities']) && $this->prefs['identities'] > 1) {
for ($i = 1; $i < $this->prefs['identities']; $i++) {
unset($ident_data);
$ident_data = array('name' => '', 'email' => '');
// required data
if ($this->prefs['full_name' . $i]) {
$ident_data['name'] = $this->prefs['full_name' . $i];
}
if ($this->identities_level == 0 && $this->prefs['email_address' . $i]) {
$ident_data['email'] = $this->prefs['email_address' . $i];
} else {
$ident_data['email'] = $p['record']['email'];
}
if ($this->prefs['reply_to' . $i]) {
$ident_data['reply-to'] = $this->prefs['reply_to' . $i];
}
if ($this->prefs['___sig' . $i . '___']) {
$ident_data['signature'] = $this->prefs['___sig' . $i . '___'];
}
// insert identity
$identid = $rcmail->user->insert_identity($ident_data);
}
}
// copy address book
$contacts = $rcmail->get_address_book(null, true);
if ($contacts && count($this->abook)) {
foreach ($this->abook as $rec) {
// #1487096 handle multi-address and/or too long items
$rec['email'] = array_shift(explode(';', $rec['email']));
if (check_email(rcube_idn_to_ascii($rec['email']))) {
$rec['email'] = rcube_idn_to_utf8($rec['email']);
$contacts->insert($rec, true);
}
}
}
// mark identity as complete for following hooks
$p['complete'] = true;
}
return $p;
}
function lookup_user_name($args)
{
$rcmail = rcmail::get_instance();
if ($this->init_ldap($args['host'])) {
$results = $this->ldap->search('*', $args['user'], true);
if (count($results->records) == 1) {
$user_name = is_array($results->records[0]['name']) ? $results->records[0]['name'][0] : $results->records[0]['name'];
$user_email = is_array($results->records[0]['email']) ? $results->records[0]['email'][0] : $results->records[0]['email'];
$args['user_name'] = $user_name;
if (!$args['user_email'] && strpos($user_email, '@')) {
$args['user_email'] = rcube_idn_to_ascii($user_email);
}
}
}
return $args;
}
function lookup_user_name($args)
{
$rcmail = rcmail::get_instance();
if ($this->init_ldap($args['host'])) {
$results = $this->ldap->search('*', $args['user'], TRUE);
if (count($results->records) == 1) {
$args['user_name'] = $results->records[0]['name'];
if (!$args['user_email'] && strpos($results->records[0]['email'], '@')) {
$args['user_email'] = rcube_idn_to_ascii($results->records[0]['email']);
}
if (($alias_col = $rcmail->config->get('new_user_identity_alias')) && $results->records[0][$alias_col]) {
$args['alias'] = $results->records[0][$alias_col];
}
}
}
return $args;
}
/**
* User > Email
*/
function user2email($p)
{
$r = $this->findinvirtual('/\\s' . preg_quote($p['user'], '/') . '\\s*$/');
$result = array();
for ($i = 0; $i < count($r); $i++) {
$arr = preg_split('/\\s+/', $r[$i]);
if (count($arr) > 0 && strpos($arr[0], '@')) {
$result[] = rcube_idn_to_ascii(trim(str_replace('\\@', '@', $arr[0])));
if ($p['first']) {
$p['email'] = $result[0];
break;
}
}
}
$p['email'] = empty($result) ? NULL : $result;
return $p;
}
/**
* This function cleanup_addr() has been used a large part of function
* rcmail_email_input_format() in program/steps/mail/sendmail.inc of
* Roundcube core at version 0.9.
*/
function cleanup_addr($mailto)
{
global $RCMAIL;
// simplified email regexp, supporting quoted local part
$email_regexp = '(\\S+|("[^"]+"))@\\S+';
$delim = trim($RCMAIL->config->get('recipients_separator', ','));
$regexp = array("/[,;{$delim}]\\s*[\r\n]+/", '/[\\r\\n]+/', "/[,;{$delim}]\\s*\$/m", '/;/', '/(\\S{1})(<' . $email_regexp . '>)/U');
$replace = array($delim . ' ', ', ', '', $delim, '\\1 \\2');
// replace new lines and strip ending ', ', make address input more valid
$mailto = trim(preg_replace($regexp, $replace, $mailto));
$result = array();
$items = rcube_explode_quoted_string($delim, $mailto);
foreach ($items as $item) {
$item = trim($item);
// address in brackets without name (do nothing)
if (preg_match('/^<' . $email_regexp . '>$/', $item)) {
$item = rcube_idn_to_ascii(trim($item, '<>'));
$result[] = $item;
// address without brackets and without name (add brackets)
} else {
if (preg_match('/^' . $email_regexp . '$/', $item)) {
$item = rcube_idn_to_ascii($item);
$result[] = $item;
// address with name (handle name)
} else {
if (preg_match('/<*' . $email_regexp . '>*$/', $item, $matches)) {
$address = $matches[0];
$name = trim(str_replace($address, '', $item));
if ($name[0] == '"' && $name[count($name) - 1] == '"') {
$name = substr($name, 1, -1);
}
$name = stripcslashes($name);
$address = rcube_idn_to_ascii(trim($address, '<>'));
$result[] = $address;
$item = $address;
} else {
if (trim($item)) {
continue;
}
}
}
}
}
return implode(', ', $result);
}
/**
* User > Email
*/
function user2email($p)
{
$dbh = $this->app->get_dbh();
$sql_result = $dbh->query(preg_replace('/%u/', $dbh->escape($p['user']), $this->config['email']));
while ($sql_arr = $dbh->fetch_array($sql_result)) {
if (strpos($sql_arr[0], '@')) {
if ($p['extended'] && count($sql_arr) > 1) {
$result[] = array('email' => rcube_idn_to_ascii($sql_arr[0]), 'name' => $sql_arr[1], 'organization' => $sql_arr[2], 'reply-to' => rcube_idn_to_ascii($sql_arr[3]), 'bcc' => rcube_idn_to_ascii($sql_arr[4]), 'signature' => $sql_arr[5], 'html_signature' => (int) $sql_arr[6]);
} else {
$result[] = $sql_arr[0];
}
if ($p['first']) {
break;
}
}
}
$p['email'] = $result;
return $p;
}
/**
* Handler for submitted form
*
* Check fields and save to default identity if valid.
* Afterwards the session flag is removed and we're done.
*/
function save_data()
{
$rcmail = rcmail::get_instance();
$identity = $rcmail->user->get_identity();
$identities_level = intval($rcmail->config->get('identities_level', 0));
$save_data = array('name' => get_input_value('_name', RCUBE_INPUT_POST), 'email' => get_input_value('_email', RCUBE_INPUT_POST), 'organization' => get_input_value('_organization', RCUBE_INPUT_POST), 'signature' => get_input_value('_signature', RCUBE_INPUT_POST));
// don't let the user alter the e-mail address if disabled by config
if ($identities_level == 1 || $identities_level == 3) {
$save_data['email'] = $identity['email'];
} else {
$save_data['email'] = rcube_idn_to_ascii($save_data['email']);
}
// save data if not empty
if (!empty($save_data['name']) && !empty($save_data['email'])) {
$rcmail->user->update_identity($identity['identity_id'], $save_data);
$rcmail->session->remove('plugin.newuserdialog');
}
$rcmail->output->redirect('');
}
function authenticate($args)
{
// Load plugin's config file
$this->load_config();
$host = rcmail::get_instance()->config->get('http_authentication_host');
if (is_string($host) && trim($host) !== '') {
$args['host'] = rcube_idn_to_ascii(rcube_parse_host($host));
}
// Allow entering other user data in login form,
// e.g. after log out (#1487953)
if (!empty($args['user'])) {
return $args;
}
if (!empty($_SERVER['PHP_AUTH_USER']) && !empty($_SERVER['PHP_AUTH_PW'])) {
$args['user'] = $_SERVER['PHP_AUTH_USER'];
$args['pass'] = $_SERVER['PHP_AUTH_PW'];
}
$args['cookiecheck'] = false;
$args['valid'] = true;
return $args;
}
function save($curpass, $passwd)
{
$rcmail = rcmail::get_instance();
if (!($sql = $rcmail->config->get('password_query'))) {
$sql = 'SELECT update_passwd(%c, %u)';
}
if ($dsn = $rcmail->config->get('password_db_dsn')) {
// #1486067: enable new_link option
if (is_array($dsn) && empty($dsn['new_link'])) {
$dsn['new_link'] = true;
} else {
if (!is_array($dsn) && !preg_match('/\\?new_link=true/', $dsn)) {
$dsn .= '?new_link=true';
}
}
$db = rcube_db::factory($dsn, '', false);
$db->set_debug((bool) $rcmail->config->get('sql_debug'));
$db->db_connect('w');
} else {
$db = $rcmail->get_dbh();
}
if ($err = $db->is_error()) {
return PASSWORD_ERROR;
}
// crypted password
if (strpos($sql, '%c') !== FALSE) {
$salt = '';
if (!($crypt_hash = $rcmail->config->get('password_crypt_hash'))) {
if (CRYPT_MD5) {
$crypt_hash = 'md5';
} else {
if (CRYPT_STD_DES) {
$crypt_hash = 'des';
}
}
}
switch ($crypt_hash) {
case 'md5':
$len = 8;
$salt_hashindicator = '$1$';
break;
case 'des':
$len = 2;
break;
case 'blowfish':
$len = 22;
$salt_hashindicator = '$2a$';
break;
case 'sha256':
$len = 16;
$salt_hashindicator = '$5$';
break;
case 'sha512':
$len = 16;
$salt_hashindicator = '$6$';
break;
default:
return PASSWORD_CRYPT_ERROR;
}
//Restrict the character set used as salt (#1488136)
$seedchars = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
for ($i = 0; $i < $len; $i++) {
$salt .= $seedchars[rand(0, 63)];
}
$sql = str_replace('%c', $db->quote(crypt($passwd, $salt_hashindicator ? $salt_hashindicator . $salt . '$' : $salt)), $sql);
}
// dovecotpw
if (strpos($sql, '%D') !== FALSE) {
if (!($dovecotpw = $rcmail->config->get('password_dovecotpw'))) {
$dovecotpw = 'dovecotpw';
}
if (!($method = $rcmail->config->get('password_dovecotpw_method'))) {
$method = 'CRAM-MD5';
}
// use common temp dir
$tmp_dir = $rcmail->config->get('temp_dir');
$tmpfile = tempnam($tmp_dir, 'roundcube-');
$pipe = popen("{$dovecotpw} -s '{$method}' > '{$tmpfile}'", "w");
if (!$pipe) {
unlink($tmpfile);
return PASSWORD_CRYPT_ERROR;
} else {
fwrite($pipe, $passwd . "\n", 1 + strlen($passwd));
usleep(1000);
fwrite($pipe, $passwd . "\n", 1 + strlen($passwd));
pclose($pipe);
$newpass = trim(file_get_contents($tmpfile), "\n");
if (!preg_match('/^\\{' . $method . '\\}/', $newpass)) {
return PASSWORD_CRYPT_ERROR;
}
if (!$rcmail->config->get('password_dovecotpw_with_method')) {
$newpass = trim(str_replace('{' . $method . '}', '', $newpass));
}
unlink($tmpfile);
}
$sql = str_replace('%D', $db->quote($newpass), $sql);
}
// hashed passwords
if (preg_match('/%[n|q]/', $sql)) {
if (!extension_loaded('hash')) {
raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Password plugin: 'hash' extension not loaded!"), true, false);
return PASSWORD_ERROR;
}
if (!($hash_algo = strtolower($rcmail->config->get('password_hash_algorithm')))) {
$hash_algo = 'sha1';
}
$hash_passwd = hash($hash_algo, $passwd);
$hash_curpass = hash($hash_algo, $curpass);
if ($rcmail->config->get('password_hash_base64')) {
$hash_passwd = base64_encode(pack('H*', $hash_passwd));
$hash_curpass = base64_encode(pack('H*', $hash_curpass));
}
$sql = str_replace('%n', $db->quote($hash_passwd, 'text'), $sql);
$sql = str_replace('%q', $db->quote($hash_curpass, 'text'), $sql);
}
// Handle clear text passwords securely (#1487034)
$sql_vars = array();
if (preg_match_all('/%[p|o]/', $sql, $m)) {
foreach ($m[0] as $var) {
if ($var == '%p') {
$sql = preg_replace('/%p/', '?', $sql, 1);
$sql_vars[] = (string) $passwd;
} else {
// %o
$sql = preg_replace('/%o/', '?', $sql, 1);
$sql_vars[] = (string) $curpass;
}
}
}
$local_part = $rcmail->user->get_username('local');
$domain_part = $rcmail->user->get_username('domain');
$username = $_SESSION['username'];
$host = $_SESSION['imap_host'];
// convert domains to/from punnycode
if ($rcmail->config->get('password_idn_ascii')) {
$domain_part = rcube_idn_to_ascii($domain_part);
$username = rcube_idn_to_ascii($username);
$host = rcube_idn_to_ascii($host);
} else {
$domain_part = rcube_idn_to_utf8($domain_part);
$username = rcube_idn_to_utf8($username);
$host = rcube_idn_to_utf8($host);
}
// at least we should always have the local part
$sql = str_replace('%l', $db->quote($local_part, 'text'), $sql);
$sql = str_replace('%d', $db->quote($domain_part, 'text'), $sql);
$sql = str_replace('%u', $db->quote($username, 'text'), $sql);
$sql = str_replace('%h', $db->quote($host, 'text'), $sql);
$res = $db->query($sql, $sql_vars);
if (!$db->is_error()) {
if (strtolower(substr(trim($sql), 0, 6)) == 'select') {
if ($result = $db->fetch_array($res)) {
return PASSWORD_SUCCESS;
}
} else {
// This is the good case: 1 row updated
if ($db->affected_rows($res) == 1) {
return PASSWORD_SUCCESS;
}
// @TODO: Some queries don't affect any rows
// Should we assume a success if there was no error?
}
}
return PASSWORD_ERROR;
}
/**
* Loads configuration, initializes plugin (including sieve connection)
*/
function managesieve_start()
{
$this->load_config();
// register UI objects
$this->rc->output->add_handlers(array('filterslist' => array($this, 'filters_list'), 'filtersetslist' => array($this, 'filtersets_list'), 'filterframe' => array($this, 'filter_frame'), 'filterform' => array($this, 'filter_form'), 'filtersetform' => array($this, 'filterset_form')));
// Add include path for internal classes
$include_path = $this->home . '/lib' . PATH_SEPARATOR;
$include_path .= ini_get('include_path');
set_include_path($include_path);
$host = rcube_parse_host($this->rc->config->get('managesieve_host', 'localhost'));
$port = $this->rc->config->get('managesieve_port', 2000);
$host = rcube_idn_to_ascii($host);
$plugin = $this->rc->plugins->exec_hook('managesieve_connect', array('user' => $_SESSION['username'], 'password' => $this->rc->decrypt($_SESSION['password']), 'host' => $host, 'port' => $port, 'auth_type' => $this->rc->config->get('managesieve_auth_type'), 'usetls' => $this->rc->config->get('managesieve_usetls', false), 'disabled' => $this->rc->config->get('managesieve_disabled_extensions'), 'debug' => $this->rc->config->get('managesieve_debug', false), 'auth_cid' => $this->rc->config->get('managesieve_auth_cid'), 'auth_pw' => $this->rc->config->get('managesieve_auth_pw')));
// try to connect to managesieve server and to fetch the script
$this->sieve = new rcube_sieve($plugin['user'], $plugin['password'], $plugin['host'], $plugin['port'], $plugin['auth_type'], $plugin['usetls'], $plugin['disabled'], $plugin['debug'], $plugin['auth_cid'], $plugin['auth_pw']);
if (!($error = $this->sieve->error())) {
// Get list of scripts
$list = $this->list_scripts();
if (!empty($_GET['_set']) || !empty($_POST['_set'])) {
$script_name = get_input_value('_set', RCUBE_INPUT_GPC, true);
} else {
if (!empty($_SESSION['managesieve_current'])) {
$script_name = $_SESSION['managesieve_current'];
} else {
// get (first) active script
if (!empty($this->active[0])) {
$script_name = $this->active[0];
} else {
if ($list) {
$script_name = $list[0];
} else {
// if script not exists build default script contents
$script_file = $this->rc->config->get('managesieve_default');
$script_name = $this->rc->config->get('managesieve_script_name');
if (empty($script_name)) {
$script_name = 'roundcube';
}
if ($script_file && is_readable($script_file)) {
$content = file_get_contents($script_file);
}
// add script and set it active
if ($this->sieve->save_script($script_name, $content)) {
$this->activate_script($script_name);
$this->list[] = $script_name;
}
}
}
}
}
if ($script_name) {
$this->sieve->load($script_name);
}
$error = $this->sieve->error();
}
// finally set script objects
if ($error) {
switch ($error) {
case SIEVE_ERROR_CONNECTION:
case SIEVE_ERROR_LOGIN:
$this->rc->output->show_message('managesieve.filterconnerror', 'error');
break;
default:
$this->rc->output->show_message('managesieve.filterunknownerror', 'error');
break;
}
raise_error(array('code' => 403, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Unable to connect to managesieve on {$host}:{$port}"), true, false);
// to disable 'Add filter' button set env variable
$this->rc->output->set_env('filterconnerror', true);
$this->script = array();
} else {
$this->exts = $this->sieve->get_extensions();
$this->script = $this->sieve->script->as_array();
$this->rc->output->set_env('currentset', $this->sieve->current);
$_SESSION['managesieve_current'] = $this->sieve->current;
}
return $error;
}
/**
* Return the mail domain configured for the given host
*
* @param string $host IMAP host
* @param boolean $encode If true, domain name will be converted to IDN ASCII
* @return string Resolved SMTP host
*/
public function mail_domain($host, $encode = true)
{
$domain = $host;
if (is_array($this->prop['mail_domain'])) {
if (isset($this->prop['mail_domain'][$host])) {
$domain = $this->prop['mail_domain'][$host];
}
} else {
if (!empty($this->prop['mail_domain'])) {
$domain = rcube_parse_host($this->prop['mail_domain']);
}
}
if ($encode) {
$domain = rcube_idn_to_ascii($domain);
}
return $domain;
}
/**
* Helper function to build a Mail_mime object to send an iTip message
*
* @param array Event object to send
* @param string iTip method (REQUEST|REPLY|CANCEL)
* @return object Mail_mime object with message data
*/
public function compose_itip_message($event, $method)
{
$from = rcube_idn_to_ascii($this->sender['email']);
$from_utf = rcube_idn_to_utf8($from);
$sender = format_email_recipient($from, $this->sender['name']);
// truncate list attendees down to the recipient of the iTip Reply.
// constraints for a METHOD:REPLY according to RFC 5546
if ($method == 'REPLY') {
$replying_attendee = null;
$reply_attendees = array();
foreach ($event['attendees'] as $attendee) {
if ($attendee['role'] == 'ORGANIZER') {
$reply_attendees[] = $attendee;
} else {
if (strcasecmp($attedee['email'], $from) == 0 || strcasecmp($attendee['email'], $from_utf) == 0) {
$replying_attendee = $attendee;
}
}
}
if ($replying_attendee) {
$reply_attendees[] = $replying_attendee;
$event['attendees'] = $reply_attendees;
}
}
// compose multipart message using PEAR:Mail_Mime
$message = new Mail_mime("\r\n");
$message->setParam('text_encoding', 'quoted-printable');
$message->setParam('head_encoding', 'quoted-printable');
$message->setParam('head_charset', RCMAIL_CHARSET);
$message->setParam('text_charset', RCMAIL_CHARSET . ";\r\n format=flowed");
$message->setContentType('multipart/alternative');
// compose common headers array
$headers = array('From' => $sender, 'Date' => $this->rc->user_date(), 'Message-ID' => $this->rc->gen_message_id(), 'X-Sender' => $from);
if ($agent = $this->rc->config->get('useragent')) {
$headers['User-Agent'] = $agent;
}
$message->headers($headers);
// attach ics file for this event
$ical = $this->cal->get_ical();
$ics = $ical->export(array($event), $method, false, $method == 'REQUEST' ? array($this->cal->driver, 'get_attachment_body') : false);
$message->addAttachment($ics, 'text/calendar', 'event.ics', false, '8bit', '', RCMAIL_CHARSET . "; method=" . $method);
return $message;
}
/**
* Handler for ACL update/create action
*/
private function action_save()
{
$mbox = trim(get_input_value('_mbox', RCUBE_INPUT_GPC, true));
// UTF7-IMAP
$user = trim(get_input_value('_user', RCUBE_INPUT_GPC));
$acl = trim(get_input_value('_acl', RCUBE_INPUT_GPC));
$oldid = trim(get_input_value('_old', RCUBE_INPUT_GPC));
$acl = array_intersect(str_split($acl), $this->rights_supported());
$users = $oldid ? array($user) : explode(',', $user);
foreach ($users as $user) {
$user = trim($user);
if (!empty($this->specials) && in_array($user, $this->specials)) {
$username = $this->gettext($user);
} else {
if (!strpos($user, '@') && ($realm = $this->get_realm())) {
$user .= '@' . rcube_idn_to_ascii(preg_replace('/^@/', '', $realm));
}
$username = $user;
}
if (!$acl || !$user || !strlen($mbox)) {
continue;
}
if ($user != $_SESSION['username'] && $username != $_SESSION['username']) {
if ($this->rc->storage->set_acl($mbox, $user, $acl)) {
$ret = array('id' => html_identifier($user), 'username' => $username, 'acl' => implode($acl), 'old' => $oldid);
$this->rc->output->command('acl_update', $ret);
$result++;
}
}
}
if ($result) {
$this->rc->output->show_message($oldid ? 'acl.updatesuccess' : 'acl.createsuccess', 'confirmation');
} else {
$this->rc->output->show_message($oldid ? 'acl.updateerror' : 'acl.createerror', 'error');
}
}
/**
* SMTP Connection and authentication
*
* @param string Server host
* @param string Server port
* @param string User name
* @param string Password
*
* @return bool Returns true on success, or false on error
*/
public function connect($host = null, $port = null, $user = null, $pass = null)
{
$RCMAIL = rcmail::get_instance();
// disconnect/destroy $this->conn
$this->disconnect();
// reset error/response var
$this->error = $this->response = null;
// let plugins alter smtp connection config
$CONFIG = $RCMAIL->plugins->exec_hook('smtp_connect', array('smtp_server' => $host ? $host : $RCMAIL->config->get('smtp_server'), 'smtp_port' => $port ? $port : $RCMAIL->config->get('smtp_port', 25), 'smtp_user' => $user ? $user : $RCMAIL->config->get('smtp_user'), 'smtp_pass' => $pass ? $pass : $RCMAIL->config->get('smtp_pass'), 'smtp_auth_cid' => $RCMAIL->config->get('smtp_auth_cid'), 'smtp_auth_pw' => $RCMAIL->config->get('smtp_auth_pw'), 'smtp_auth_type' => $RCMAIL->config->get('smtp_auth_type'), 'smtp_helo_host' => $RCMAIL->config->get('smtp_helo_host'), 'smtp_timeout' => $RCMAIL->config->get('smtp_timeout'), 'smtp_auth_callbacks' => array()));
$smtp_host = rcube_parse_host($CONFIG['smtp_server']);
// when called from Installer it's possible to have empty $smtp_host here
if (!$smtp_host) {
$smtp_host = 'localhost';
}
$smtp_port = is_numeric($CONFIG['smtp_port']) ? $CONFIG['smtp_port'] : 25;
$smtp_host_url = parse_url($smtp_host);
// overwrite port
if (isset($smtp_host_url['host']) && isset($smtp_host_url['port'])) {
$smtp_host = $smtp_host_url['host'];
$smtp_port = $smtp_host_url['port'];
}
// re-write smtp host
if (isset($smtp_host_url['host']) && isset($smtp_host_url['scheme'])) {
$smtp_host = sprintf('%s://%s', $smtp_host_url['scheme'], $smtp_host_url['host']);
}
// remove TLS prefix and set flag for use in Net_SMTP::auth()
if (preg_match('#^tls://#i', $smtp_host)) {
$smtp_host = preg_replace('#^tls://#i', '', $smtp_host);
$use_tls = true;
}
if (!empty($CONFIG['smtp_helo_host'])) {
$helo_host = $CONFIG['smtp_helo_host'];
} else {
if (!empty($_SERVER['SERVER_NAME'])) {
$helo_host = preg_replace('/:\\d+$/', '', $_SERVER['SERVER_NAME']);
} else {
$helo_host = 'localhost';
}
}
// IDNA Support
$smtp_host = rcube_idn_to_ascii($smtp_host);
$this->conn = new Net_SMTP($smtp_host, $smtp_port, $helo_host);
if ($RCMAIL->config->get('smtp_debug')) {
$this->conn->setDebug(true, array($this, 'debug_handler'));
}
// register authentication methods
if (!empty($CONFIG['smtp_auth_callbacks']) && method_exists($this->conn, 'setAuthMethod')) {
foreach ($CONFIG['smtp_auth_callbacks'] as $callback) {
$this->conn->setAuthMethod($callback['name'], $callback['function'], isset($callback['prepend']) ? $callback['prepend'] : true);
}
}
// try to connect to server and exit on failure
$result = $this->conn->connect($smtp_timeout);
if (PEAR::isError($result)) {
$this->response[] = "Connection failed: " . $result->getMessage();
$this->error = array('label' => 'smtpconnerror', 'vars' => array('code' => $this->conn->_code));
$this->conn = null;
return false;
}
// workaround for timeout bug in Net_SMTP 1.5.[0-1] (#1487843)
if (method_exists($this->conn, 'setTimeout') && ($timeout = ini_get('default_socket_timeout'))) {
$this->conn->setTimeout($timeout);
}
$smtp_user = str_replace('%u', $_SESSION['username'], $CONFIG['smtp_user']);
$smtp_pass = str_replace('%p', $RCMAIL->decrypt($_SESSION['password']), $CONFIG['smtp_pass']);
$smtp_auth_type = empty($CONFIG['smtp_auth_type']) ? NULL : $CONFIG['smtp_auth_type'];
if (!empty($CONFIG['smtp_auth_cid'])) {
$smtp_authz = $smtp_user;
$smtp_user = $CONFIG['smtp_auth_cid'];
$smtp_pass = $CONFIG['smtp_auth_pw'];
}
// attempt to authenticate to the SMTP server
if ($smtp_user && $smtp_pass) {
// IDNA Support
if (strpos($smtp_user, '@')) {
$smtp_user = rcube_idn_to_ascii($smtp_user);
}
$result = $this->conn->auth($smtp_user, $smtp_pass, $smtp_auth_type, $use_tls, $smtp_authz);
if (PEAR::isError($result)) {
$this->error = array('label' => 'smtpautherror', 'vars' => array('code' => $this->conn->_code));
$this->response[] .= 'Authentication failure: ' . $result->getMessage() . ' (Code: ' . $result->getCode() . ')';
$this->reset();
$this->disconnect();
return false;
}
}
return true;
}
/**
* Perfom login to the IMAP server and to the webmail service.
* This will also create a new user entry if auto_create_user is configured.
*
* @param string IMAP user name
* @param string IMAP password
* @param string IMAP host
* @return boolean True on success, False on failure
*/
function login($username, $pass, $host = NULL)
{
$user = NULL;
$config = $this->config->all();
if (!$host) {
$host = $config['default_host'];
}
// Validate that selected host is in the list of configured hosts
if (is_array($config['default_host'])) {
$allowed = false;
foreach ($config['default_host'] as $key => $host_allowed) {
if (!is_numeric($key)) {
$host_allowed = $key;
}
if ($host == $host_allowed) {
$allowed = true;
break;
}
}
if (!$allowed) {
return false;
}
} else {
if (!empty($config['default_host']) && $host != rcube_parse_host($config['default_host'])) {
return false;
}
}
// parse $host URL
$a_host = parse_url($host);
if ($a_host['host']) {
$host = $a_host['host'];
$imap_ssl = isset($a_host['scheme']) && in_array($a_host['scheme'], array('ssl', 'imaps', 'tls')) ? $a_host['scheme'] : null;
if (!empty($a_host['port'])) {
$imap_port = $a_host['port'];
} else {
if ($imap_ssl && $imap_ssl != 'tls' && (!$config['default_port'] || $config['default_port'] == 143)) {
$imap_port = 993;
}
}
}
$imap_port = $imap_port ? $imap_port : $config['default_port'];
/* Modify username with domain if required
Inspired by Marco <P0L0_notspam_binware.org>
*/
// Check if we need to add domain
if (!empty($config['username_domain']) && strpos($username, '@') === false) {
if (is_array($config['username_domain']) && isset($config['username_domain'][$host])) {
$username .= '@' . rcube_parse_host($config['username_domain'][$host], $host);
} else {
if (is_string($config['username_domain'])) {
$username .= '@' . rcube_parse_host($config['username_domain'], $host);
}
}
}
// Convert username to lowercase. If IMAP backend
// is case-insensitive we need to store always the same username (#1487113)
if ($config['login_lc']) {
$username = mb_strtolower($username);
}
// try to resolve email address from virtuser table
if (strpos($username, '@') && ($virtuser = rcube_user::email2user($username))) {
$username = $virtuser;
}
// Here we need IDNA ASCII
// Only rcube_contacts class is using domain names in Unicode
$host = rcube_idn_to_ascii($host);
if (strpos($username, '@')) {
// lowercase domain name
list($local, $domain) = explode('@', $username);
$username = $local . '@' . mb_strtolower($domain);
$username = rcube_idn_to_ascii($username);
}
// user already registered -> overwrite username
if ($user = rcube_user::query($username, $host)) {
$username = $user->data['username'];
}
if (!$this->imap) {
$this->imap_init();
}
// try IMAP login
if (!($imap_login = $this->imap->connect($host, $username, $pass, $imap_port, $imap_ssl))) {
// try with lowercase
$username_lc = mb_strtolower($username);
if ($username_lc != $username) {
// try to find user record again -> overwrite username
if (!$user && ($user = rcube_user::query($username_lc, $host))) {
$username_lc = $user->data['username'];
}
if ($imap_login = $this->imap->connect($host, $username_lc, $pass, $imap_port, $imap_ssl)) {
$username = $username_lc;
}
}
}
// exit if IMAP login failed
if (!$imap_login) {
return false;
}
$this->set_imap_prop();
// user already registered -> update user's record
if (is_object($user)) {
// create default folders on first login
if (!$user->data['last_login'] && $config['create_default_folders']) {
$this->imap->create_default_folders();
}
$user->touch();
} else {
if ($config['auto_create_user']) {
if ($created = rcube_user::create($username, $host)) {
$user = $created;
// create default folders on first login
if ($config['create_default_folders']) {
$this->imap->create_default_folders();
}
} else {
raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Failed to create a user record. Maybe aborted by a plugin?"), true, false);
}
} else {
raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Acces denied for new user {$username}. 'auto_create_user' is disabled"), true, false);
}
}
// login succeeded
if (is_object($user) && $user->ID) {
$this->set_user($user);
// set session vars
$_SESSION['user_id'] = $user->ID;
$_SESSION['username'] = $user->data['username'];
$_SESSION['imap_host'] = $host;
$_SESSION['imap_port'] = $imap_port;
$_SESSION['imap_ssl'] = $imap_ssl;
$_SESSION['password'] = $this->encrypt($pass);
$_SESSION['login_time'] = mktime();
if (isset($_REQUEST['_timezone']) && $_REQUEST['_timezone'] != '_default_') {
$_SESSION['timezone'] = floatval($_REQUEST['_timezone']);
}
// force reloading complete list of subscribed mailboxes
$this->imap->clear_cache('mailboxes');
return true;
}
return false;
}
/**
* Check the given data before saving.
* If input isn't valid, the message to display can be fetched using get_error()
*
* @param array Assoziative array with data to save
* @param boolean Attempt to fix/complete record automatically
* @return boolean True if input is valid, False if not.
*/
public function validate(&$save_data, $autofix = false)
{
// check validity of email addresses
foreach ($this->get_col_values('email', $save_data, true) as $email) {
if (strlen($email)) {
if (!check_email(rcube_idn_to_ascii($email))) {
$this->set_error(self::ERROR_VALIDATE, rcube_label(array('name' => 'emailformaterror', 'vars' => array('email' => $email))));
return false;
}
}
}
return true;
}
private function _startup()
{
$rcmail = rcmail::get_instance();
if (!$this->sieve) {
include 'lib/Net/Sieve.php';
include 'include/rcube_sieve.php';
include 'include/rcube_sieve_script.php';
$rcmail = rcmail::get_instance();
// try to connect to managesieve server and to fetch the script
$this->sieve = new rcube_sieve($_SESSION['username'], $rcmail->decrypt($_SESSION['password']), rcube_idn_to_ascii(rcube_parse_host($rcmail->config->get('sieverules_host'))), $rcmail->config->get('sieverules_port'), $rcmail->config->get('sieverules_auth_type', NULL), $rcmail->config->get('sieverules_usetls'), $this->current_ruleset, $this->home, $rcmail->config->get('sieverules_use_elsif', true), $rcmail->config->get('sieverules_auth_cid', NULL), $rcmail->config->get('sieverules_auth_pw', NULL));
if ($rcmail->config->get('sieverules_debug', false)) {
$this->sieve->set_debug(true);
}
$this->sieve_error = $this->sieve->error();
if ($this->sieve_error == SIEVE_ERROR_NOT_EXISTS) {
// load default rule set
if ($rcmail->config->get('sieverules_default_file', false) && is_readable($rcmail->config->get('sieverules_default_file')) || sizeof($this->sieve->list) > 0) {
rcmail_overwrite_action('plugin.sieverules.setup');
$this->action = 'plugin.sieverules.setup';
} elseif ($rcmail->config->get('sieverules_default_file', false) && !is_readable($rcmail->config->get('sieverules_default_file'))) {
raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "SieveRules plugin: Unable to open default rule file"), true, false);
}
// that's not exactly an error
$this->sieve_error = false;
} elseif ($this->sieve_error) {
switch ($this->sieve_error) {
case SIEVE_ERROR_CONNECTION:
case SIEVE_ERROR_LOGIN:
$this->api->output->command('display_message', $this->gettext('filterconnerror'), 'error');
break;
default:
$this->api->output->command('display_message', $this->gettext('filterunknownerror'), 'error');
break;
}
$this->api->output->set_env('sieveruleserror', true);
}
// finally set script objects
if ($this->sieve_error) {
$this->script = array();
} else {
$this->script = $this->sieve->script->as_array();
// load example filters
if ($rcmail->config->get('sieverules_example_file', false) && is_readable($rcmail->config->get('sieverules_example_file'))) {
$this->examples = $this->sieve->script->parse_text(file_get_contents($rcmail->config->get('sieverules_example_file')));
} elseif ($rcmail->config->get('sieverules_example_file', false) && !is_readable($rcmail->config->get('sieverules_example_file'))) {
raise_error(array('code' => 600, 'type' => 'php', 'file' => __FILE__, 'line' => __LINE__, 'message' => "SieveRules plugin: Unable to open example rule file"), true, false);
}
}
} else {
$this->sieve->set_ruleset($this->current_ruleset);
$this->script = $this->sieve->script->as_array();
}
}
/**
* Establish a connection to the LDAP server
*/
function connect()
{
global $RCMAIL;
if (!function_exists('ldap_connect')) {
raise_error(array('code' => 100, 'type' => 'ldap', 'file' => __FILE__, 'line' => __LINE__, 'message' => "No ldap support in this installation of PHP"), true);
}
if (is_resource($this->conn)) {
return true;
}
if (!is_array($this->prop['hosts'])) {
$this->prop['hosts'] = array($this->prop['hosts']);
}
if (empty($this->prop['ldap_version'])) {
$this->prop['ldap_version'] = 3;
}
foreach ($this->prop['hosts'] as $host) {
$host = rcube_idn_to_ascii(rcube_parse_host($host));
$this->_debug("C: Connect [{$host}" . ($this->prop['port'] ? ':' . $this->prop['port'] : '') . "]");
if ($lc = @ldap_connect($host, $this->prop['port'])) {
if ($this->prop['use_tls'] === true) {
if (!ldap_start_tls($lc)) {
continue;
}
}
$this->_debug("S: OK");
ldap_set_option($lc, LDAP_OPT_PROTOCOL_VERSION, $this->prop['ldap_version']);
$this->prop['host'] = $host;
$this->conn = $lc;
break;
}
$this->_debug("S: NOT OK");
}
if (is_resource($this->conn)) {
$this->ready = true;
// User specific access, generate the proper values to use.
if ($this->prop['user_specific']) {
// No password set, use the session password
if (empty($this->prop['bind_pass'])) {
$this->prop['bind_pass'] = $RCMAIL->decrypt($_SESSION['password']);
}
// Get the pieces needed for variable replacement.
$fu = $RCMAIL->user->get_username();
list($u, $d) = explode('@', $fu);
$dc = 'dc=' . strtr($d, array('.' => ',dc='));
// hierarchal domain string
$replaces = array('%dc' => $dc, '%d' => $d, '%fu' => $fu, '%u' => $u);
if ($this->prop['search_base_dn'] && $this->prop['search_filter']) {
// Search for the dn to use to authenticate
$this->prop['search_base_dn'] = strtr($this->prop['search_base_dn'], $replaces);
$this->prop['search_filter'] = strtr($this->prop['search_filter'], $replaces);
$this->_debug("S: searching with base {$this->prop['search_base_dn']} for {$this->prop['search_filter']}");
$res = ldap_search($this->conn, $this->prop['search_base_dn'], $this->prop['search_filter'], array('uid'));
if ($res && ($entry = ldap_first_entry($this->conn, $res))) {
$bind_dn = ldap_get_dn($this->conn, $entry);
$this->_debug("S: search returned dn: {$bind_dn}");
if ($bind_dn) {
$this->prop['bind_dn'] = $bind_dn;
$dn = ldap_explode_dn($bind_dn, 1);
$replaces['%dn'] = $dn[0];
}
}
}
// Replace the bind_dn and base_dn variables.
$this->prop['bind_dn'] = strtr($this->prop['bind_dn'], $replaces);
$this->prop['base_dn'] = strtr($this->prop['base_dn'], $replaces);
}
if (!empty($this->prop['bind_dn']) && !empty($this->prop['bind_pass'])) {
$this->ready = $this->bind($this->prop['bind_dn'], $this->prop['bind_pass']);
}
} else {
raise_error(array('code' => 100, 'type' => 'ldap', 'file' => __FILE__, 'line' => __LINE__, 'message' => "Could not connect to any LDAP server, last tried {$host}:{$this->prop[port]}"), true);
}
// See if the directory is writeable.
if ($this->prop['writable']) {
$this->readonly = false;
}
// end if
}